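<?php
include('common/constants.php');
include('common/db.php');

/*
 * Notification endpoint: records that a user "reserved" or "liked" an advert.
 *
 * Reads userID, advert_id and action from the query string and prints one of
 * "success", "fail", "liked_once" or "Nothing to save.".
 *
 *  - No matching row yet             -> INSERT a row with seat_no = 1.
 *  - Row exists, action "reserved"   -> increment seat_no.
 *  - Row exists, action "liked"      -> print "liked_once", no write.
 *  - Row exists, any other action    -> no output, no write.
 *
 * NOTE(review): userID is taken from the request and nothing in this file
 * checks a session, so the caller chooses whose notification row is written.
 * Confirm the common/ includes enforce authentication, otherwise derive the
 * user id from the session.
 * NOTE(review): this changes state on GET, so any cross-site link or prefetch
 * can trigger it; moving to POST with a CSRF token needs a matching change in
 * the callers.
 * NOTE(review): the mysql_* extension was removed in PHP 7. The durable fix is
 * prepared statements (mysqli/PDO), which requires changing common/db.php.
 */

// $_GET is always defined, so check the parameters this script actually uses.
$required = array('userID', 'advert_id', 'action');
$clean = array();
foreach ($required as $name) {
	// Rejects missing or empty values and array input such as ?action[]=x.
	if (!isset($_GET[$name]) || !is_string($_GET[$name]) || $_GET[$name] === '') {
		echo "Nothing to save.";
		exit;
	}

	// htmlspecialchars() is kept only so stored values match existing rows;
	// it is not an SQL defence. mysql_real_escape_string() replaces
	// addslashes(), which ignores the connection character set.
	// Assumes common/db.php has already opened the connection - TODO confirm.
	$escaped = mysql_real_escape_string(htmlspecialchars($_GET[$name]));
	if ($escaped === false) {
		echo "fail";
		exit;
	}
	$clean[$name] = $escaped;
}

// NOTE(review): any action value is accepted for the INSERT below; if only
// "reserved" and "liked" are valid, reject everything else here.
$action = $_GET['action'];

$where = "`user_id`='" . $clean['userID'] . "'"
	. " AND `advert_id`='" . $clean['advert_id'] . "'"
	. " AND `action`='" . $clean['action'] . "'";

$result = mysql_query("SELECT * FROM `notification` WHERE " . $where);
if ($result === false) {
	// Stop here: a failed lookup previously fell through to the INSERT branch.
	// Keep display_errors off in production so this text stays in the log.
	trigger_error(mysql_error());
	echo "fail";
	exit;
}

// NOTE(review): SELECT-then-INSERT is not atomic; two concurrent requests can
// both insert. A unique key on (user_id, advert_id, action) would prevent it.
if (mysql_num_rows($result) != 0) {
	if ($action === "reserved") {
		$updateSql = "UPDATE `notification` SET `seat_no`=seat_no + 1 WHERE " . $where;
		echo mysql_query($updateSql) ? "success" : "fail";
	} else if ($action === "liked") {
		echo "liked_once";
	}
} else {
	$sql = "INSERT INTO `notification`(`advert_id`, `seat_no`, `user_id`, `action`)"
		. " VALUES('" . $clean['advert_id'] . "', '1', '" . $clean['userID'] . "', '" . $clean['action'] . "')";
	echo mysql_query($sql) ? "success" : "fail";
}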